From owner-freebsd-hackers  Sat Nov 22 14:37:16 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id OAA00866
          for hackers-outgoing; Sat, 22 Nov 1997 14:37:16 -0800 (PST)
          (envelope-from owner-freebsd-hackers)
Received: from alpha.xerox.com (alpha.Xerox.COM [13.1.64.93])
          by hub.freebsd.org (8.8.7/8.8.7) with SMTP id OAA00861
          for <hackers@freebsd.org>; Sat, 22 Nov 1997 14:37:14 -0800 (PST)
          (envelope-from fenner@parc.xerox.com)
Received: from crevenia.parc.xerox.com ([13.2.116.11]) by alpha.xerox.com with SMTP id <53141(1)>; Sat, 22 Nov 1997 14:36:02 PST
Received: from localhost by crevenia.parc.xerox.com with SMTP id <177476>; Sat, 22 Nov 1997 14:35:38 -0800
To: Nate Williams <nate@mt.sri.com>
cc: bmah@ca.sandia.gov, hackers@freebsd.org
Subject: Re: Getting ethernet packets content under FreeBSD? 
In-reply-to: Your message of "Fri, 21 Nov 97 14:34:22 PST."
             <199711212234.PAA15870@mt.sri.com> 
Date: Sat, 22 Nov 1997 14:35:23 PST
From: Bill Fenner <fenner@parc.xerox.com>
Message-Id: <97Nov22.143538pst.177476@crevenia.parc.xerox.com>
Sender: owner-freebsd-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

I usually just use this perl script, which I call "tcpdumpscii".
Then run "tcpdumpscii -s 1500 -x [other tcpdump args]".

  Bill

#!/import/misc/bin/perl
#
#
open(TCPDUMP,"tcpdump -l @ARGV|");
while (<TCPDUMP>) {
	if (/^\s+(\S\S)+/) {
		$sav = $_;
		$asc = "";
		while (s/\s*(\S\S)\s*//) {
			$i = hex($1);
			if ($i < 32 || $i > 126) {
				$asc .= ".";
			} else {
				$asc .= pack(C,hex($1));
			}
		}
		$foo = "." x length($asc);
		$_ = $sav;
		s/\t/        /g;
		s/^$foo/$asc/;
	}
	print;
}